The log_event function in ssmtp 2.50.6 and earlier allows...
Low severity
Unreviewed
Published
Apr 29, 2022
to the GitHub Advisory Database
•
Updated Jan 30, 2023
Description
Published by the National Vulnerability Database
Jul 7, 2004
Published to the GitHub Advisory Database
Apr 29, 2022
Last updated
Jan 30, 2023
The log_event function in ssmtp 2.50.6 and earlier allows local users to overwrite arbitrary files via a symlink attack on the ssmtp.log temporary log file.
References